Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/arYJoneY3PFgcq7OipZGGpUsZX4.roa
File: arYJoneY3PFgcq7OipZGGpUsZX4.roa (raw, json)
Hash identifier: raKDdb98GETmlu7kZtp6LRy67kEuy1HBElVtT8BcIBI=
Subject key identifier: 6A:B6:09:A2:77:98:DC:F1:60:72:AE:CE:8A:96:46:1A:95:2C:65:7E
Certificate issuer: /CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Certificate serial: 01D1AC90
Authority key identifier: F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/arYJoneY3PFgcq7OipZGGpUsZX4.roa
Signing time: Sat 01 Jan 2022 16:04:01 +0000
ROA not before: Sat 01 Jan 2022 16:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203393
IP address blocks: 185.136.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30518416 (0x1d1ac90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f28e0b758be73a1ddbfb517ee8b5e4f863a21f9e
Validity
Not Before: Jan 1 16:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ab609a27798dcf16072aece8a96461a952c657e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:54:7e:18:d7:90:e9:f3:1f:02:43:d6:48:
27:e9:f3:33:93:69:c7:69:9b:bd:b4:bd:aa:7f:d4:
09:0b:83:5d:5b:da:c3:b8:ec:7a:50:bd:72:8d:0f:
bf:11:ac:00:6c:0e:b9:fd:98:96:6a:ff:51:42:13:
2b:d2:5d:0a:f6:79:b3:28:ca:e7:b6:67:dd:19:3d:
af:7e:81:40:82:3d:d1:59:74:16:44:54:60:cc:8e:
bd:67:db:b8:75:51:ca:d5:a6:b6:dd:f0:b6:dd:ed:
cf:f3:29:41:17:28:0c:12:24:9c:f3:0a:64:2e:16:
ce:0c:71:ad:8b:ba:0c:38:65:5b:3a:ac:81:d9:f1:
20:b4:93:62:ab:d7:35:0a:bc:f3:90:fb:b8:a2:d4:
7e:bf:7a:08:a6:c6:04:05:9e:b2:3a:b0:3b:e1:63:
a8:af:69:10:e6:23:51:36:04:1a:e7:67:86:46:cc:
15:f1:38:1e:54:86:f1:ac:c3:e2:6e:b8:50:d8:81:
9b:72:52:35:e2:89:60:80:eb:08:d4:93:18:36:b5:
7a:61:fa:65:81:ff:aa:17:b4:61:67:f1:7e:0f:7f:
b7:50:83:e1:92:bc:92:7b:bd:48:47:62:22:a0:ae:
a9:36:09:6a:81:a8:19:93:17:c3:83:d0:10:13:97:
46:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B6:09:A2:77:98:DC:F1:60:72:AE:CE:8A:96:46:1A:95:2C:65:7E
X509v3 Authority Key Identifier:
keyid:F2:8E:0B:75:8B:E7:3A:1D:DB:FB:51:7E:E8:B5:E4:F8:63:A2:1F:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8o4LdYvnOh3b-1F-6LXk-GOiH54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/arYJoneY3PFgcq7OipZGGpUsZX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/08128a-690a-4f08-8865-69e3d0866ef6/1/8o4LdYvnOh3b-1F-6LXk-GOiH54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.86.0/24
Signature Algorithm: sha256WithRSAEncryption
23:58:99:78:87:a1:d8:f1:02:52:37:e7:2d:ea:3c:65:a1:e7:
ea:52:7b:5a:92:08:9c:9c:47:56:cf:8c:aa:da:fc:eb:70:3c:
da:b9:d5:18:38:48:46:a7:9b:7d:b5:44:01:36:6d:db:3e:31:
3a:50:fd:0f:2a:55:3e:45:14:04:1e:b4:19:a3:ab:23:97:09:
4b:6f:32:1b:cc:30:d1:9e:ea:9b:ed:c5:58:6f:c9:48:7d:f4:
d0:77:05:5a:64:dd:aa:1f:1a:53:59:69:55:7c:bd:8a:c6:c6:
b1:66:20:b3:4b:20:5c:de:32:75:60:6f:27:f0:28:a0:27:18:
21:a3:9d:b7:0e:e2:fa:41:13:fc:14:f0:ed:4b:ed:ce:b8:cc:
d9:56:37:67:3a:bd:eb:70:38:b0:85:55:ee:42:18:6b:02:6b:
eb:b0:3e:bd:22:44:98:0d:b8:95:03:5e:ef:0f:06:77:78:f5:
1c:cf:de:eb:5a:ca:89:36:ac:65:29:96:0a:46:6e:4d:21:24:
21:bb:96:c3:13:a7:5d:ef:c1:f9:9e:d6:fc:99:bd:56:a1:38:
41:eb:ec:46:47:e3:52:a7:28:9c:39:50:3e:be:a8:fd:2d:de:
72:fb:06:1f:fc:39:52:20:c4:5f:7c:ee:8d:a3:84:98:03:bc:
ed:d1:a9:25
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdGskDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjhlMGI3NThiZTczYTFkZGJmYjUxN2VlOGI1ZTRmODYzYTIxZjllMB4XDTIyMDEw
MTE2MDQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFiNjA5YTI3Nzk4
ZGNmMTYwNzJhZWNlOGE5NjQ2MWE5NTJjNjU3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0FVH4Y15Dp8x8CQ9ZIJ+nzM5Npx2mbvbS9qn/UCQuDXVva
w7jselC9co0PvxGsAGwOuf2Ylmr/UUITK9JdCvZ5syjK57Zn3Rk9r36BQII90Vl0
FkRUYMyOvWfbuHVRytWmtt3wtt3tz/MpQRcoDBIknPMKZC4WzgxxrYu6DDhlWzqs
gdnxILSTYqvXNQq885D7uKLUfr96CKbGBAWesjqwO+FjqK9pEOYjUTYEGudnhkbM
FfE4HlSG8azD4m64UNiBm3JSNeKJYIDrCNSTGDa1emH6ZYH/qhe0YWfxfg9/t1CD
4ZK8knu9SEdiIqCuqTYJaoGoGZMXw4PQEBOXRpUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqtgmid5jc8WByrs6KlkYalSxlfjAfBgNVHSMEGDAWgBTyjgt1i+c6Hdv7
UX7oteT4Y6IfnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhvNExkWXZuT2gzYi0xRi02TFhrLUdPaUg1NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvMDgxMjhhLTY5MGEtNGYwOC04ODY1LTY5ZTNkMDg2NmVmNi8x
L2FyWUpvbmVZM1BGZ2NxN09pcFpHR3BVc1pYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
MDgxMjhhLTY5MGEtNGYwOC04ODY1LTY5ZTNkMDg2NmVmNi8xLzhvNExkWXZuT2gz
Yi0xRi02TFhrLUdPaUg1NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmIVjANBgkqhkiG9w0BAQsFAAOC
AQEAI1iZeIeh2PECUjfnLeo8ZaHn6lJ7WpIInJxHVs+Mqtr863A82rnVGDhIRqeb
fbVEATZt2z4xOlD9DypVPkUUBB60GaOrI5cJS28yG8ww0Z7qm+3FWG/JSH300HcF
WmTdqh8aU1lpVXy9isbGsWYgs0sgXN4ydWBvJ/AooCcYIaOdtw7i+kET/BTw7Uvt
zrjM2VY3Zzq963A4sIVV7kIYawJr67A+vSJEmA24lQNe7w8Gd3j1HM/e61rKiTas
ZSmWCkZuTSEkIbuWwxOnXe/B+Z7W/Jm9VqE4QevsRkfjUqconDlQPr6o/S3ecvsG
H/w5UiDEX3zujaOEmAO87dGpJQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:24 2023 by rpki-client on console.sobornost.net